<?php
include('./db_config.php');
session_start();
$UID = trim($_POST["usrid"]);
$PASSWD = trim($_POST["passwd"]);
if ((empty($UID)) || (empty($PASSWD))){
	header("Location: ./login.php?error=ETY");
	exit;
}
$link = mysql_connect($db_host, $db_user, $db_password) or die ("Connection failed due to: " . mysql_error());
mysql_select_db ($db_name) or die("Selection failed due to: " . mysql_error());
$query = "SELECT * FROM account WHERE user_id = '$UID' AND password = '$PASSWD'";
$result = mysql_query($query) or die("Query failed due to: " . mysql_error());
$row = mysql_fetch_assoc($result);
if (!(empty($row))) {
	$_SESSION["valid"] = "true";
	if($row['valid'] == 0){
		header("Location: ./login.php?error=mail");
		exit;
	}
	elseif ($row['employer'] == 1){
		$_SESSION['employer'] = 'true';
		$_SESSION['uid'] = $UID;
	}
	else {
		$_SESSION['employer'] = 'false';
	}
	header("Location: ./choose.php");
	exit;
}
else {
	header("Location: ./login.php?error=login");
	exit;
}
?>